ageverification.google.co.kr
2a00:1450:400c:c08::5e  Malicious Activity! Public Scan

URL: https://ageverification.google.co.kr/ageverification?cl=2&hl=en&prev=https%3A%2F%2Fwww.youtube.com%2Fkav_complete%3Fnext_url%3D%2Fwat...
Submission: On December 21 via manual from US

Summary

This website contacted 4 IPs in 1 country across 3 domains to perform 6 HTTP transactions. The main IP is 2a00:1450:400c:c08::5e, located in Ireland and belongs to GOOGLE - Google LLC, US. The main domain is ageverification.google.co.kr.
TLS certificate: Issued by Google Internet Authority G3 on December 4th 2018. Valid for: 3 months.
This is the only time ageverification.google.co.kr was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: Google (Online)

Domain & IP information

Requests  IP Address        AS Autonomous System
1         2a00:1450:400...  15169 (GOOGLE)
1         2a00:1450:400...  15169 (GOOGLE)
3         2a00:1450:400...  15169 (GOOGLE)
1         2a00:1450:400...  15169 (GOOGLE)
Total: 6 requests, 4 IPs

Requests  Domain                        Requested by
3         www.google.com                ageverification.google.co.kr, www.gstatic.com
1         www.gstatic.com               www.google.com
1         ssl.gstatic.com               ageverification.google.co.kr
1         ageverification.google.co.kr
Total: 6 requests, 4 hosts

This site contains no links.

Subject         Issuer                        Validity                 Valid
*.google.co.kr  Google Internet Authority G3  2018-12-04 - 2019-02-26  3 months
*.google.com    Google Internet Authority G3  2018-12-04 - 2019-02-26  3 months
www.google.com  Google Internet Authority G3  2018-12-04 - 2019-02-26  3 months

This page contains 3 frames:

Primary Page: https://ageverification.google.co.kr/ageverification?cl=2&hl=en&prev=https%3A%2F%2Fwww.youtube.com%2Fkav_complete%3Fnext_url%3D%2Fwatch%3Fv%3D4gYQIP-ks4E&authuser=0
Frame ID: 88135D84C6F03491A5D1ED46F5747611
Requests: 4 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LfAInsUAAAAAPiq1jL7WfcM653rcT5yzKBQdKx0&co=aHR0cHM6Ly9hZ2V2ZXJpZmljYXRpb24uZ29vZ2xlLmNvLmtyOjQ0Mw..&hl=en&v=v1545073489967&size=invisible&badge=inline&cb=16rm8txwz95k
Frame ID: FDAF4C82CC8E520D0F7112FD04405A99
Requests: 1 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/bframe?hl=en&v=v1545073489967&k=6LfAInsUAAAAAPiq1jL7WfcM653rcT5yzKBQdKx0&cb=oh74lv5n3tu
Frame ID: 308636640B94A7B58400F96D5898D206
Requests: 1 HTTP requests in this frame

Detected technologies

Overall confidence: 100%
Detected patterns
  • env /^Recaptcha$/i

Page Statistics

Requests: 6
HTTPS: 100 %
IPv6: 100 %
Domains: 3
Subdomains: 4
IPs: 4
Countries: 1
Transfer: 102 kB
Size: 284 kB
Cookies: 0

Redirected requests

There were HTTP redirect chains for the following requests:

6 HTTP transactions

Resource  Path  Size  x-fer  Type  MIME-Type

Primary Request ageverification  ageverification.google.co.kr/  19 KB  5 KB  Document
General
Full URL: https://ageverification.google.co.kr/ageverification?cl=2&hl=en&prev=https%3A%2F%2Fwww.youtube.com%2Fkav_complete%3Fnext_url%3D%2Fwatch%3Fv%3D4gYQIP-ks4E&authuser=0
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2a00:1450:400c:c08::5e, Ireland, ASN15169 (GOOGLE - Google LLC, US)
Reverse DNS:
Software: AgeVerificationFrontend /
Resource Hash: ae4d2dcb17298c46dfb5a68fd91ca6383c64de8e83f6880cc0fb0195c951a614
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

:method: GET
:authority: ageverification.google.co.kr
:scheme: https
:path: /ageverification?cl=2&hl=en&prev=https%3A%2F%2Fwww.youtube.com%2Fkav_complete%3Fnext_url%3D%2Fwatch%3Fv%3D4gYQIP-ks4E&authuser=0
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
accept-encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

status: 200
pragma: no-cache
cache-control: private, no-cache, no-cache="Set-Cookie", proxy-revalidate
expires: Fri, 04 Aug 1978 12:00:00 GMT
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: gzip
date: Fri, 21 Dec 2018 22:54:09 GMT
server: AgeVerificationFrontend
content-length: 5071
x-xss-protection: 1; mode=block
x-frame-options: SAMEORIGIN
alt-svc: quic=":443"; ma=2592000; v="44,43,39,35"

logo_2x.png  ssl.gstatic.com/accounts/ui/  5 KB  5 KB  Image
General
Full URL: https://ssl.gstatic.com/accounts/ui/logo_2x.png
Requested by
  Host: ageverification.google.co.kr
  URL: https://ageverification.google.co.kr/ageverification?cl=2&hl=en&prev=https%3A%2F%2Fwww.youtube.com%2Fkav_complete%3Fnext_url%3D%2Fwatch%3Fv%3D4gYQIP-ks4E&authuser=0
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2a00:1450:4001:81c::2003, Ireland, ASN15169 (GOOGLE - Google LLC, US)
Reverse DNS:
Software: sffe /
Resource Hash: 749ecb257b4dabd6c2d346578fcbe63a96bf94c1f2366496409296167f03b7a7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer: https://ageverification.google.co.kr/ageverification?cl=2&hl=en&prev=https%3A%2F%2Fwww.youtube.com%2Fkav_complete%3Fnext_url%3D%2Fwatch%3Fv%3D4gYQIP-ks4E&authuser=0
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Wed, 19 Dec 2018 07:30:04 GMT
x-content-type-options: nosniff
last-modified: Thu, 21 Apr 2016 03:17:22 GMT
server: sffe
age: 228245
content-type: image/png
status: 200
cache-control: public, max-age=31536000
accept-ranges: bytes
alt-svc: quic=":443"; ma=2592000; v="44,43,39,35"
content-length: 5274
x-xss-protection: 1; mode=block
expires: Thu, 19 Dec 2019 07:30:04 GMT

api.js  www.google.com/recaptcha/  762 B  558 B  Script
General
Full URL: https://www.google.com/recaptcha/api.js
Requested by
  Host: ageverification.google.co.kr
  URL: https://ageverification.google.co.kr/ageverification?cl=2&hl=en&prev=https%3A%2F%2Fwww.youtube.com%2Fkav_complete%3Fnext_url%3D%2Fwatch%3Fv%3D4gYQIP-ks4E&authuser=0
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2a00:1450:4001:806::2004, Ireland, ASN15169 (GOOGLE - Google LLC, US)
Reverse DNS:
Software: GSE /
Resource Hash: 6398e331d33ae6c4721d5f1bce393e874f2785f9b498ad74bdfae03e28202a6f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer: https://ageverification.google.co.kr/ageverification?cl=2&hl=en&prev=https%3A%2F%2Fwww.youtube.com%2Fkav_complete%3Fnext_url%3D%2Fwatch%3Fv%3D4gYQIP-ks4E&authuser=0
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Fri, 21 Dec 2018 22:54:09 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: GSE
x-frame-options: SAMEORIGIN
content-type: text/javascript; charset=UTF-8
status: 200
cache-control: private, max-age=300
alt-svc: quic=":443"; ma=2592000; v="44,43,39,35"
content-length: 448
x-xss-protection: 1; mode=block
expires: Fri, 21 Dec 2018 22:54:09 GMT

recaptcha__en.js  www.gstatic.com/recaptcha/api2/v1545073489967/  259 KB  90 KB  Script
General
Full URL: https://www.gstatic.com/recaptcha/api2/v1545073489967/recaptcha__en.js
Requested by
  Host: www.google.com
  URL: https://www.google.com/recaptcha/api.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2a00:1450:4001:817::2003, Ireland, ASN15169 (GOOGLE - Google LLC, US)
Reverse DNS:
Software: sffe /
Resource Hash: 05a4fbe67fc787e95c8f7014c830424b4441dcbfef8449b7b69108251c0d659c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer: https://ageverification.google.co.kr/ageverification?cl=2&hl=en&prev=https%3A%2F%2Fwww.youtube.com%2Fkav_complete%3Fnext_url%3D%2Fwatch%3Fv%3D4gYQIP-ks4E&authuser=0
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Thu, 20 Dec 2018 10:02:10 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Mon, 17 Dec 2018 21:15:00 GMT
server: sffe
age: 132719
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: public, max-age=31536000
accept-ranges: bytes
alt-svc: quic=":443"; ma=2592000; v="44,43,39,35"
content-length: 92535
x-xss-protection: 1; mode=block
expires: Fri, 20 Dec 2019 10:02:10 GMT

anchor  www.google.com/recaptcha/api2/ Frame FDAF  0  0  Document
General
Full URL: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LfAInsUAAAAAPiq1jL7WfcM653rcT5yzKBQdKx0&co=aHR0cHM6Ly9hZ2V2ZXJpZmljYXRpb24uZ29vZ2xlLmNvLmtyOjQ0Mw..&hl=en&v=v1545073489967&size=invisible&badge=inline&cb=16rm8txwz95k
Requested by
  Host: www.gstatic.com
  URL: https://www.gstatic.com/recaptcha/api2/v1545073489967/recaptcha__en.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2a00:1450:4001:806::2004, Ireland, ASN15169 (GOOGLE - Google LLC, US)
Reverse DNS:
Software: GSE /
Resource Hash:
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-2zeYVjsVhxX1udsWGaHhEg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

:method: GET
:authority: www.google.com
:scheme: https
:path: /recaptcha/api2/anchor?ar=1&k=6LfAInsUAAAAAPiq1jL7WfcM653rcT5yzKBQdKx0&co=aHR0cHM6Ly9hZ2V2ZXJpZmljYXRpb24uZ29vZ2xlLmNvLmtyOjQ0Mw..&hl=en&v=v1545073489967&size=invisible&badge=inline&cb=16rm8txwz95k
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
referer: https://ageverification.google.co.kr/ageverification?cl=2&hl=en&prev=https%3A%2F%2Fwww.youtube.com%2Fkav_complete%3Fnext_url%3D%2Fwatch%3Fv%3D4gYQIP-ks4E&authuser=0
accept-encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer: https://ageverification.google.co.kr/ageverification?cl=2&hl=en&prev=https%3A%2F%2Fwww.youtube.com%2Fkav_complete%3Fnext_url%3D%2Fwatch%3Fv%3D4gYQIP-ks4E&authuser=0

Response headers

status: 200
content-type: text/html; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Fri, 21 Dec 2018 22:54:09 GMT
content-security-policy: script-src 'report-sample' 'nonce-2zeYVjsVhxX1udsWGaHhEg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-length: 11169
server: GSE
alt-svc: quic=":443"; ma=2592000; v="44,43,39,35"

bframe  www.google.com/recaptcha/api2/ Frame 3086  0  0  Document
General
Full URL: https://www.google.com/recaptcha/api2/bframe?hl=en&v=v1545073489967&k=6LfAInsUAAAAAPiq1jL7WfcM653rcT5yzKBQdKx0&cb=oh74lv5n3tu
Requested by
  Host: www.gstatic.com
  URL: https://www.gstatic.com/recaptcha/api2/v1545073489967/recaptcha__en.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2a00:1450:4001:806::2004, Ireland, ASN15169 (GOOGLE - Google LLC, US)
Reverse DNS:
Software: GSE /
Resource Hash:
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-aSz3nkOcZgcMQMhsVMhs1w' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

:method: GET
:authority: www.google.com
:scheme: https
:path: /recaptcha/api2/bframe?hl=en&v=v1545073489967&k=6LfAInsUAAAAAPiq1jL7WfcM653rcT5yzKBQdKx0&cb=oh74lv5n3tu
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
referer: https://ageverification.google.co.kr/ageverification?cl=2&hl=en&prev=https%3A%2F%2Fwww.youtube.com%2Fkav_complete%3Fnext_url%3D%2Fwatch%3Fv%3D4gYQIP-ks4E&authuser=0
accept-encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer: https://ageverification.google.co.kr/ageverification?cl=2&hl=en&prev=https%3A%2F%2Fwww.youtube.com%2Fkav_complete%3Fnext_url%3D%2Fwatch%3Fv%3D4gYQIP-ks4E&authuser=0

Response headers

status: 200
content-type: text/html; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Fri, 21 Dec 2018 22:54:09 GMT
content-security-policy: script-src 'report-sample' 'nonce-aSz3nkOcZgcMQMhsVMhs1w' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-length: 1123
server: GSE
alt-svc: quic=":443"; ma=2592000; v="44,43,39,35"

Verdicts & Comments

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: Google (Online)

30 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

  • object| onselectstart
  • object| onselectionchange
  • function| queueMicrotask
  • function| removeGenderError
  • function| removePhoneError
  • function| removeNamePlaceholder
  • function| removeBirthYearPlaceholder
  • function| removeBirthDatePlaceholder
  • function| removePhonePlaceholder
  • function| setMvnoCarrier
  • function| showMvnoDetail
  • function| hideMvnoDetail
  • function| handleCarrierChange
  • function| mvnoTableClicked
  • function| validateName
  • function| validateBirthYear
  • function| validateBirthMonth
  • function| validateBirthDate
  • function| validateGender
  • function| validateCarrier
  • function| validatePhone
  • function| validateForm
  • function| onRecaptchaPassed
  • function| onSubmitClicked
  • function| initializeEvent
  • object| ___grecaptcha_cfg
  • object| grecaptcha
  • boolean| __google_recaptcha_client
  • object| recaptcha
  • object| closure_lm_471307

0 Cookies

Security Headers

This page lists any security headers set by the main page.

Header Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block